Paraphrasing Is (At Best) a Partial Defence Against Steganography in LLMs

Usman Anwar·LessWrong·AI·

Within the AI Safety community, paraphrasing, which, in the context of this post, simply means using another LLM (with nonzero temperature) to rewrite a given piece of content, is generally considered a viable defence and detection method for steganography in LLMs. In this blogpost, we briefly provide a taxonomy of types of steganography in LLMs, and then highlight the limitations of paraphrasing against each type.Unfortunately, there are types of steganography that LLMs have been shown to use t...

Read full article →

Related Articles

OpenAI’s o1 correctly diagnosed 67% of ER patients vs. 50-55% by triage doctors
donsupreme · Hacker News · 18d ago
Accelerating Gemma 4: faster inference with multi-token prediction drafters
amrrs · Hacker News · 15d ago
A couple million lines of Haskell: Production engineering at Mercury
unignorant · Hacker News · 18d ago
Using “underdrawings” for accurate text and numbers
samcollins · Hacker News · 19d ago
ProgramBench: Can language models rebuild programs from scratch?
jonbaer · Hacker News · 14d ago